IBME8516ACEE7A93DD136EF1C724BE376FE53A7DD1FD92F68284C73354802291286Security Bulletin: Multiple security vulnerabilities have been identified in IBM DB2 which is shipped with IBM Intelligent Operations Center.
Summary
IBM DB2 shipped with IBM Intelligent Operations Center. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin (CVE-2023-39976, CVE-2023-40373, CVE-2023-40372, CVE-2023-30987, CVE-2023-38719, CVE-2023-38740, CVE-2023-30991, CVE-2023-38)
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Intelligent Operations Center (IOC) | 5.1.0, 5.1.0.2, 5.1.0.3, 5.1.0.4, 5.1.0.6, 5.2, 5.2.1, 5.2.2,5.2.3,5.2.4 |
Remediation/Fixes
Multiple vulnerabilities with different CVEs with different versions of IBM DB2 for Linux, UNIX and Windows has been raised over denial of services, java, Apache Http Components, 3rd party libs, etc.
Download the correct version of the fix pack from the following links as per your current installed DB2 version. Installation instructions for the fix are included in the document that is in the fix package.
<https://www.ibm.com/support/pages/node/281467>
Workarounds and Mitigations
None
Related
6.3 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
31.2%